friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahu_5.4.0.1/rzahustep1completeplanningworksheets2.htm

159 lines
10 KiB
HTML
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Complete planning work sheets" />
<meta name="DC.Relation" scheme="URI" content="rzahudcmpublicaccessscen.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahustep2configurethehumanresourceshttpservertousessl.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzahustep1completeplanningworksheets2" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Complete planning work sheets</title>
</head>
<body id="rzahustep1completeplanningworksheets2"><a name="rzahustep1completeplanningworksheets2"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Complete planning work sheets</h1>
<div><div class="section"><p>The following planning work sheets demonstrate the information
that you need to gather and the decisions you need to make to prepare the
digital certificate implementation that this scenario describes. To ensure
a successful implementation, you need to be able to answer <samp class="codeph">Yes</samp> to
all prerequisite items and you need to have gathered all the information requested
before you perform any configuration tasks.</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><caption>Table 1. Certificate implementation
prerequisite planning work sheet</caption><thead align="left"><tr><th valign="top" id="d0e24">Prerequisite work sheet</th>
<th valign="top" id="d0e26">Answers</th>
</tr>
</thead>
<tbody><tr><td valign="top" headers="d0e24 ">Is your<span class="keyword">i5/OS™</span> V5R4
(5722-SS1)?</td>
<td valign="top" headers="d0e26 "><samp class="codeph">Yes</samp></td>
</tr>
<tr><td valign="top" headers="d0e24 ">Is option 34 of <span class="keyword">i5/OS</span> installed
on your system?</td>
<td valign="top" headers="d0e26 "><samp class="codeph">Yes</samp></td>
</tr>
<tr><td valign="top" headers="d0e24 ">Is the <span class="keyword">IBM<sup>®</sup> HTTP Server for i5/OS</span> (5722DG1)
installed on your system and Administrative server instance started?</td>
<td valign="top" headers="d0e26 "><samp class="codeph">Yes</samp></td>
</tr>
<tr><td valign="top" headers="d0e24 ">Is TCP configured for your system so that you can use
a Web browser and the HTTP Server Administrative server instance to access
DCM?</td>
<td valign="top" headers="d0e26 "><samp class="codeph">Yes</samp></td>
</tr>
<tr><td valign="top" headers="d0e24 ">Do you have *SECADM and *ALLOBJ special authorities?</td>
<td valign="top" headers="d0e26 "><samp class="codeph">Yes</samp></td>
</tr>
</tbody>
</table>
</div>
<p>You need to gather the following information about your digital
certificate implementation to perform the necessary configuration tasks to
complete the implementation:</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><caption>Table 2. Certificate implementation configuration
planning work sheet</caption><thead align="left"><tr><th valign="top" id="d0e84">Planning work sheet for iSeries™ A</th>
<th valign="top" id="d0e89">Answers</th>
</tr>
</thead>
<tbody><tr><td valign="top" headers="d0e84 ">Will you operate your own Local CA or obtain certificates
for your application from a public CA?</td>
<td valign="top" headers="d0e89 "><samp class="codeph">Create Local CA to issue certificates</samp></td>
</tr>
<tr><td valign="top" headers="d0e84 ">Does iSeries A host the applications that you want to
enable for SSL?</td>
<td valign="top" headers="d0e89 "><samp class="codeph">Yes</samp></td>
</tr>
<tr><td valign="top" headers="d0e84 ">What distinguished name information will you use for
the Local CA? <ul><li><span class="uicontrol">Key size</span>: determines strength of cryptographic
keys for certificate.</li>
<li><span class="uicontrol">Certificate Authority (CA) name</span>: identifies the
CA and becomes the common name for the CA certificate and the Issuer DN for
certificates that the CA issues. </li>
<li><span class="uicontrol">Organization unit</span>: identifies the organizational
section or area for the application that will use this certificate.</li>
<li><span class="uicontrol">Organization name</span>: identifies your company or divisional
section for the application that will use this certificate.</li>
<li><span class="uicontrol">Locality or city</span>: identifies your city or a locality
designation for your organization.</li>
<li><span class="uicontrol">State or province</span>: identifies the state or province
in which you will use this certificate.</li>
<li><span class="uicontrol">Country or region</span>: identifies, with a two-letter
designation, the country or region in which you will use this certificate.</li>
<li><span class="uicontrol">Validity period of Certificate Authority</span>: specifies
the number of days for which the Certificate Authority certificate is valid</li>
</ul>
</td>
<td valign="top" headers="d0e89 "><span class="uicontrol">Key size</span>: <samp class="codeph">1024</samp><span class="uicontrol">Certificate
Authority (CA) name</span>: <samp class="codeph">Myco_CA@myco.com</samp><span class="uicontrol">Organization
unit</span>: <samp class="codeph">Rate dept</samp><span class="uicontrol">Organization name</span>: <samp class="codeph">myco</samp><span class="uicontrol">Locality
or city</span>: <samp class="codeph">Any_city</samp><span class="uicontrol">State or province</span>: <samp class="codeph">Any</samp><span class="uicontrol">Country
or region</span>: <samp class="codeph">ZZ</samp><span class="uicontrol">Validity period of Certificate
Authority</span>: <samp class="codeph">1095</samp></td>
</tr>
<tr><td valign="top" headers="d0e84 ">Do you want to set the policy data for the Local CA
to allow it to issue user certificates for client authentication?</td>
<td valign="top" headers="d0e89 "><samp class="codeph">Yes</samp></td>
</tr>
<tr><td valign="top" headers="d0e84 ">What distinguished name information will you use for
the server certificate that the Local CA issues? <ul><li><span class="uicontrol">Key size</span>: determines strength of cryptographic
keys for certificate.</li>
<li><span class="uicontrol">Certificate label</span>: identifies the certificate with
a unique string of characters. </li>
<li><span class="uicontrol">Common name</span>: identifies the owner of the certificate,
such as a person, entity, or application; part of the Subject DN for the certificate.</li>
<li><span class="uicontrol">Organization unit</span>: identifies the organizational
section or area for the application that will use this certificate.</li>
<li><span class="uicontrol">Organization name</span>: identifies your company or divisional
section for the application that will use this certificate.</li>
<li><span class="uicontrol">Locality or city</span>: identifies your city or a locality
designation for your organization.</li>
<li><span class="uicontrol">State or province</span>: identifies the state or province
in which you will use this certificate.</li>
<li><span class="uicontrol">Country or region</span>: identifies, with a two-letter
designation, the country or region in which you will use this certificate.</li>
</ul>
</td>
<td valign="top" headers="d0e89 "><span class="uicontrol">Key size</span>: <samp class="codeph">1024</samp><span class="uicontrol">Certificate
label</span>: <samp class="codeph">Myco_public_cert</samp><span class="uicontrol">Common name</span>: <samp class="codeph">myco_rate_server@myco.com</samp><span class="uicontrol">Organization
unit</span>: <samp class="codeph">Rate dept</samp><span class="uicontrol">Organization name</span>: <samp class="codeph">myco</samp><span class="uicontrol">Locality
or city</span>: <samp class="codeph">Any_city</samp><span class="uicontrol">State or province</span>: <samp class="codeph">Any</samp><span class="uicontrol">Country
or region</span>: <samp class="codeph">ZZ</samp></td>
</tr>
<tr><td valign="top" headers="d0e84 ">What is the DCM application ID for the application that
you want to configure to use SSL?</td>
<td valign="top" headers="d0e89 "><samp class="codeph">mcyo_agent_rate_app</samp></td>
</tr>
<tr><td valign="top" headers="d0e84 ">Will you configure the SSL-enabled application to use
certificates for client authentication? If yes, which CAs do you want to
add to the application's CA trust list?</td>
<td valign="top" headers="d0e89 "><samp class="codeph">Yes</samp><samp class="codeph">Myco_CA@myco.com</samp></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzahudcmpublicaccessscen.htm" title="In this scenario, you to learn how to use certificates as an authentication mechanism to protect and restrict which resources and applications that internal users can access on your internal servers.">Scenario: Use certificates for internal authentication</a></div>
<div class="nextlink"><strong>Next topic:</strong> <a href="rzahustep2configurethehumanresourceshttpservertousessl.htm">Configure the human resources HTTP Server to use SSL</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink